Entity:

Technology

Job Family Group:

IT&S Group

Job Description:

About bp

bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!

You will work with

This team is responsible for safeguarding the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security DevOps, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital security teams and business units to ensure a cohesive approach to cybersecurity.

Let me tell you about the role

This role works within and supports bp’s cyber intelligence (CI) function under the threat and exposure management team. The CI function is essential to bp’s mission to protect our company, customers, brand, and shareholder value by strengthening cyber intelligence capabilities.

What you will deliver

The cyber threat insights that will drive actions to:

• Identify and remediate weaknesses in bp's security controls (people, process, and technology).
• Improve our overall monitoring detection and response capabilities.
• Generate a positive shift in the organisation's cyber threat awareness and efforts to handle key threats.
• Map practical intelligence to the source, enabling collection insights to drive continuous development and cyber intelligence mission improvements.

In this role, you will:

• Maintain a clear view of the threat landscape; helping prioritize and conduct detailed analysis of key threats, mapping them to bp systems, technology, and data sets.
• Directly support incident responders, providing intelligence that helps set priorities and facilitates cyber investigations and remediation activities.
• Collaborate across digital teams, providing tailored threat insights to enhance security configurations, network detection and response systems and threat hunting capabilities.
• Ensure key customers across the organisation benefit from and make decisions based on threat insights, enabling attack service management to reduce the likelihood of a successful attack.

What you will need to be successful (experience and qualifications)

• Practical working knowledge of intelligence analysis principles and demonstrated experience in analysis of advanced cyber attacker tactics, techniques and procedures and the delivery of actions, informing adjustments to cybersecurity controls.
• Experience operating within a collective security defence environment with internal customers and external partners.
• Experience working with customers / third parties leading to the operationalization of cyber threat intelligence to achieve key outcomes.
• Superb communication and social skills.
• Proven capability working with and manipulating large datasets, applying intelligence insights, conducting analysis to build awareness of threats and hunting for attacker activities.

Plus:

• A degree or equivalent experience in Information Security, Cybersecurity, Computer Science or similar from a recognised institute is preferred; as well as certifications such as CISSP, CISM, or CISA.
• Formal engagement and active participation in industry cyber security groups (such as the Oil & Gas Cyber Security Network) and/or deep relationships with government organisations, such as NCSC or CISA is desired, as well.

About bp

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Travel Requirement

No travel is expected with this role

Relocation Assistance:

This role is not eligible for relocation

Remote Type:

This position is a hybrid of office/remote working

Skills:

Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier security management

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.